Hello everyone!
I have version 6.1.2 of Zentyal running on Ubuntu 18.04. On this server I have the AD / DNS Firewall / Squid IPS / IDS modules on the WAN interface and the VPN module.
Everything works fine, but when I enable the proxy, even without any blocking rules, I can't access the Zentyal administration web interface through my internal network (LAN).
So, I created a permissive proxy rule for the IP, domain and URL of my Zentyal.lan, and I still can't access it when my station is configured behind the proxy.
Remember that when I remove my browser from the proxy the access happens normally, but behind the proxy the log access.log returns the following:
1580143516.314 0 172.16.99.99 TCP_DENIED / 403 23229 CONNECT zentyal.dominio.local: 8443 - HIER_NONE / - text / html
or
1580143559.826 0 172.16.99.99 TCP_DENIED / 403 23187 CONNECT 172.16.99.251:8443 - HIER_NONE / - text / html
I imagine that this could be a proxy problem with port 8443, but I can't find a method to put that port inside Squid's Safe_ports.
When I try to add port 8443 to Squid's Safe_ports ACL from the command line, and Zentyal saves some changes to the proxy module, the rule I entered from the command line is overwritten / deleted from the server's squid.conf, I can access.
Given the problem described above, I would like to know, is it possible to access the address https: //servidor.local: 8443 with the machine behind the Zentyal proxy?
Thanks in advance.